@taquito/signer 23.0.0-beta.0 → 23.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/dist/lib/bls-key.js +104 -0
  2. package/dist/lib/ec-key.js +140 -74
  3. package/dist/lib/ed-key.js +86 -66
  4. package/dist/lib/helpers.js +3 -3
  5. package/dist/lib/key-interface.js +6 -0
  6. package/dist/lib/signer.js +6 -0
  7. package/dist/lib/taquito-signer.js +109 -35
  8. package/dist/lib/version.js +2 -2
  9. package/dist/taquito-signer.es6.js +458 -199
  10. package/dist/taquito-signer.es6.js.map +1 -1
  11. package/dist/taquito-signer.umd.js +457 -199
  12. package/dist/taquito-signer.umd.js.map +1 -1
  13. package/dist/types/bls-key.d.ts +21 -0
  14. package/dist/types/ec-key.d.ts +25 -28
  15. package/dist/types/ed-key.d.ts +17 -19
  16. package/dist/types/key-interface.d.ts +17 -0
  17. package/dist/types/signer.d.ts +16 -0
  18. package/dist/types/taquito-signer.d.ts +9 -8
  19. package/package.json +6 -5
package/dist/taquito-signer.es6.js CHANGED
@@ -1,15 +1,17 @@
1
1
  import { openSecretBox } from '@stablelib/nacl';
2
- import { hash } from '@stablelib/blake2b';
3
- import { isValidPrefix, invalidDetail, ValidationResult, Prefix, b58cdecode, prefix, buf2hex, b58cencode, hex2buf, mergebuf } from '@taquito/utils';
2
+ import { b58DecodeAndCheckPrefix, PrefixV2, b58Encode, compareArrays, InvalidPublicKeyError, BLS12_381_DST, POP_DST, hex2buf, mergebuf, buf2hex } from '@taquito/utils';
4
3
  import toBuffer from 'typedarray-to-buffer';
4
+ import { hash } from '@stablelib/blake2b';
5
5
  import { generateKeyPairFromSeed, sign } from '@stablelib/ed25519';
6
- import { InvalidKeyError, InvalidHexStringError, ParameterValidationError, UnsupportedActionError, InvalidDerivationPathError } from '@taquito/core';
7
6
  import elliptic, { ec } from 'elliptic';
7
+ import KeyPair from 'elliptic/lib/elliptic/ec/key';
8
+ import { ParameterValidationError, UnsupportedActionError, InvalidHexStringError, InvalidKeyError, InvalidDerivationPathError, ProhibitedActionError } from '@taquito/core';
8
9
  import pbkdf2 from 'pbkdf2';
9
10
  import * as Bip39 from 'bip39';
10
11
  import { HMAC } from '@stablelib/hmac';
11
12
  import { SHA512 } from '@stablelib/sha512';
12
13
  import BN from 'bn.js';
14
+ import { bls12_381 } from '@noble/curves/bls12-381';
13
15
 
14
16
  /******************************************************************************
15
17
  Copyright (c) Microsoft Corporation.
@@ -38,15 +40,29 @@ function __awaiter(thisArg, _arguments, P, generator) {
38
40
  });
39
41
  }
40
42
 
43
+ function __classPrivateFieldGet(receiver, state, kind, f) {
44
+ if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
45
+ if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
46
+ return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
47
+ }
48
+
49
+ function __classPrivateFieldSet(receiver, state, value, kind, f) {
50
+ if (kind === "m") throw new TypeError("Private method is not writable");
51
+ if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
52
+ if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
53
+ return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
54
+ }
55
+
41
56
  typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
42
57
  var e = new Error(message);
43
58
  return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
44
59
  };
45
60
 
61
+ var _EdKey_keyPair, _EdPublicKey_key;
46
62
  /**
47
63
  * @description Provide signing logic for ed25519 curve based key (tz1)
48
64
  */
49
- class Tz1 {
65
+ class EdKey {
50
66
  /**
51
67
  *
52
68
  * @param key Encoded private key
@@ -54,188 +70,97 @@ class Tz1 {
54
70
  * @param decrypt Decrypt function
55
71
  * @throws {@link InvalidKeyError}
56
72
  */
57
- constructor(key, encrypted, decrypt) {
58
- this.key = key;
59
- const keyPrefix = key.substring(0, encrypted ? 5 : 4);
60
- if (!isValidPrefix(keyPrefix)) {
61
- throw new InvalidKeyError(`${invalidDetail(ValidationResult.NO_PREFIX_MATCHED)} expecting either '${Prefix.EDESK}' or '${Prefix.EDSK}'.`);
62
- }
63
- this._key = decrypt(b58cdecode(this.key, prefix[keyPrefix]));
64
- this._publicKey = this._key.slice(32);
65
- if (!this._key) {
66
- throw new InvalidKeyError('unable to decode');
73
+ constructor(key, decrypt) {
74
+ _EdKey_keyPair.set(this, void 0);
75
+ const tmp = b58DecodeAndCheckPrefix(key, [
76
+ PrefixV2.Ed25519SecretKey,
77
+ PrefixV2.Ed25519EncryptedSeed,
78
+ PrefixV2.Ed25519Seed,
79
+ ]);
80
+ let [keyData] = tmp;
81
+ const [, prefix] = tmp;
82
+ if (prefix === PrefixV2.Ed25519SecretKey) {
83
+ __classPrivateFieldSet(this, _EdKey_keyPair, {
84
+ secretKey: keyData,
85
+ publicKey: keyData.slice(32),
86
+ }, "f");
67
87
  }
68
- this.isInit = this.init();
69
- }
70
- init() {
71
- return __awaiter(this, void 0, void 0, function* () {
72
- if (this._key.length !== 64) {
73
- const { publicKey, secretKey } = generateKeyPairFromSeed(new Uint8Array(this._key));
74
- this._publicKey = publicKey;
75
- this._key = secretKey;
88
+ else {
89
+ if (prefix === PrefixV2.Ed25519EncryptedSeed) {
90
+ if (decrypt !== undefined) {
91
+ keyData = decrypt(keyData);
92
+ }
93
+ else {
94
+ throw new Error('decryption function is not provided');
95
+ }
76
96
  }
77
- return true;
78
- });
97
+ __classPrivateFieldSet(this, _EdKey_keyPair, generateKeyPairFromSeed(keyData), "f");
98
+ }
79
99
  }
80
100
  /**
81
101
  *
82
102
  * @param bytes Bytes to sign
83
103
  * @param bytesHash Blake2b hash of the bytes to sign
84
104
  */
85
- sign(bytes, bytesHash) {
86
- return __awaiter(this, void 0, void 0, function* () {
87
- yield this.isInit;
88
- const signature = sign(new Uint8Array(this._key), new Uint8Array(bytesHash));
89
- const signatureBuffer = toBuffer(signature);
90
- const sbytes = bytes + buf2hex(signatureBuffer);
91
- return {
92
- bytes,
93
- sig: b58cencode(signature, prefix.sig),
94
- prefixSig: b58cencode(signature, prefix.edsig),
95
- sbytes,
96
- };
97
- });
105
+ sign(bytes) {
106
+ const hash$1 = hash(bytes, 32);
107
+ const signature = sign(__classPrivateFieldGet(this, _EdKey_keyPair, "f").secretKey, hash$1);
108
+ return {
109
+ rawSignature: signature,
110
+ sig: b58Encode(signature, PrefixV2.GenericSignature),
111
+ prefixSig: b58Encode(signature, PrefixV2.Ed25519Signature),
112
+ };
98
113
  }
99
114
  /**
100
115
  * @returns Encoded public key
101
116
  */
102
117
  publicKey() {
103
- return __awaiter(this, void 0, void 0, function* () {
104
- yield this.isInit;
105
- return b58cencode(this._publicKey, prefix['edpk']);
106
- });
107
- }
108
- /**
109
- * @returns Encoded public key hash
110
- */
111
- publicKeyHash() {
112
- return __awaiter(this, void 0, void 0, function* () {
113
- yield this.isInit;
114
- return b58cencode(hash(new Uint8Array(this._publicKey), 20), prefix.tz1);
115
- });
118
+ return new EdPublicKey(__classPrivateFieldGet(this, _EdKey_keyPair, "f").publicKey);
116
119
  }
117
120
  /**
118
121
  * @returns Encoded private key
119
122
  */
120
123
  secretKey() {
121
- return __awaiter(this, void 0, void 0, function* () {
122
- yield this.isInit;
123
- let key = this._key;
124
- const { secretKey } = generateKeyPairFromSeed(new Uint8Array(key).slice(0, 32));
125
- key = toBuffer(secretKey);
126
- return b58cencode(key, prefix[`edsk`]);
127
- });
124
+ return b58Encode(__classPrivateFieldGet(this, _EdKey_keyPair, "f").secretKey, PrefixV2.Ed25519SecretKey);
128
125
  }
129
126
  }
130
-
131
- const pref = {
132
- p256: {
133
- pk: prefix['p2pk'],
134
- sk: prefix['p2sk'],
135
- pkh: prefix.tz3,
136
- sig: prefix.p2sig,
137
- },
138
- secp256k1: {
139
- pk: prefix['sppk'],
140
- sk: prefix['spsk'],
141
- pkh: prefix.tz2,
142
- sig: prefix.spsig,
143
- },
144
- };
145
- /**
146
- * @description Provide signing logic for elliptic curve based key (tz2, tz3)
147
- */
148
- class ECKey {
149
- /**
150
- *
151
- * @param curve Curve to use with the key
152
- * @param key Encoded private key
153
- * @param encrypted Is the private key encrypted
154
- * @param decrypt Decrypt function
155
- * @throws {@link InvalidKeyError}
156
- */
157
- constructor(curve, key, encrypted, decrypt) {
158
- this.curve = curve;
159
- this.key = key;
160
- const keyPrefix = key.substring(0, encrypted ? 5 : 4);
161
- if (!isValidPrefix(keyPrefix)) {
162
- throw new InvalidKeyError(invalidDetail(ValidationResult.NO_PREFIX_MATCHED) +
163
- ` expecting one of the following prefix '${Prefix.SPSK}', '${Prefix.SPESK}', '${Prefix.P2SK}' or '${Prefix.P2ESK}'.`);
164
- }
165
- this._key = decrypt(b58cdecode(this.key, prefix[keyPrefix]));
166
- const keyPair = new elliptic.ec(this.curve).keyFromPrivate(this._key);
167
- const keyPairY = keyPair.getPublic().getY().toArray();
168
- const parityByte = keyPairY.length < 32 ? keyPairY[keyPairY.length - 1] : keyPairY[31];
169
- const pref = parityByte % 2 ? 3 : 2;
170
- const pad = new Array(32).fill(0);
171
- this._publicKey = toBuffer(new Uint8Array([pref].concat(pad.concat(keyPair.getPublic().getX().toArray()).slice(-32))));
127
+ _EdKey_keyPair = new WeakMap();
128
+ class EdPublicKey {
129
+ constructor(src) {
130
+ _EdPublicKey_key.set(this, void 0);
131
+ if (typeof src === 'string') {
132
+ const [key, _] = b58DecodeAndCheckPrefix(src, [PrefixV2.Ed25519PublicKey]);
133
+ __classPrivateFieldSet(this, _EdPublicKey_key, key, "f");
134
+ }
135
+ else {
136
+ __classPrivateFieldSet(this, _EdPublicKey_key, src, "f");
137
+ }
172
138
  }
173
- /**
174
- *
175
- * @param bytes Bytes to sign
176
- * @param bytesHash Blake2b hash of the bytes to sign
177
- */
178
- sign(bytes, bytesHash) {
179
- return __awaiter(this, void 0, void 0, function* () {
180
- const key = new elliptic.ec(this.curve).keyFromPrivate(this._key);
181
- const sig = key.sign(bytesHash, { canonical: true });
182
- const signature = sig.r.toString('hex', 64) + sig.s.toString('hex', 64);
183
- const sbytes = bytes + signature;
184
- return {
185
- bytes,
186
- sig: b58cencode(signature, prefix.sig),
187
- prefixSig: b58cencode(signature, pref[this.curve].sig),
188
- sbytes,
189
- };
190
- });
139
+ compare(other) {
140
+ if (other instanceof EdPublicKey) {
141
+ return compareArrays(this.bytes(), other.bytes());
142
+ }
143
+ else {
144
+ throw new InvalidPublicKeyError('EdDSA key expected');
145
+ }
191
146
  }
192
- /**
193
- * @returns Encoded public key
194
- */
195
- publicKey() {
196
- return __awaiter(this, void 0, void 0, function* () {
197
- return b58cencode(this._publicKey, pref[this.curve].pk);
198
- });
147
+ hash() {
148
+ return b58Encode(hash(__classPrivateFieldGet(this, _EdPublicKey_key, "f"), 20), PrefixV2.Ed25519PublicKeyHash);
199
149
  }
200
- /**
201
- * @returns Encoded public key hash
202
- */
203
- publicKeyHash() {
204
- return __awaiter(this, void 0, void 0, function* () {
205
- return b58cencode(hash(new Uint8Array(this._publicKey), 20), pref[this.curve].pkh);
206
- });
150
+ bytes() {
151
+ return __classPrivateFieldGet(this, _EdPublicKey_key, "f");
207
152
  }
208
- /**
209
- * @returns Encoded private key
210
- */
211
- secretKey() {
212
- return __awaiter(this, void 0, void 0, function* () {
213
- const key = this._key;
214
- return b58cencode(key, pref[this.curve].sk);
215
- });
153
+ toProtocol() {
154
+ const res = new Uint8Array(__classPrivateFieldGet(this, _EdPublicKey_key, "f").length + 1);
155
+ res[0] = 0;
156
+ res.set(__classPrivateFieldGet(this, _EdPublicKey_key, "f"), 1);
157
+ return res;
216
158
  }
217
- }
218
- /**
219
- * @description Tz3 key class using the p256 curve
220
- */
221
- const Tz3 = ECKey.bind(null, 'p256');
222
- /**
223
- * @description Tz2 key class using the secp256k1 curve
224
- */
225
- const Tz2 = ECKey.bind(null, 'secp256k1');
226
-
227
- function parseHex(s) {
228
- const res = [];
229
- for (let i = 0; i < s.length; i += 2) {
230
- const ss = s.slice(i, i + 2);
231
- const x = parseInt(ss, 16);
232
- if (Number.isNaN(x)) {
233
- throw new InvalidHexStringError(ss);
234
- }
235
- res.push(x);
159
+ toString() {
160
+ return b58Encode(__classPrivateFieldGet(this, _EdPublicKey_key, "f"), PrefixV2.Ed25519PublicKey);
236
161
  }
237
- return new Uint8Array(res);
238
162
  }
163
+ _EdPublicKey_key = new WeakMap();
239
164
 
240
165
  /**
241
166
  * @category Error
@@ -306,6 +231,189 @@ class InvalidPassphraseError extends ParameterValidationError {
306
231
  }
307
232
  }
308
233
 
234
+ const pref = {
235
+ p256: {
236
+ pk: PrefixV2.P256PublicKey,
237
+ sk: PrefixV2.P256SecretKey,
238
+ pkh: PrefixV2.P256PublicKeyHash,
239
+ sig: PrefixV2.P256Signature,
240
+ tag: 2,
241
+ },
242
+ secp256k1: {
243
+ pk: PrefixV2.Secp256k1PublicKey,
244
+ sk: PrefixV2.Secp256k1SecretKey,
245
+ pkh: PrefixV2.Secp256k1PublicKeyHash,
246
+ sig: PrefixV2.Secp256k1Signature,
247
+ tag: 1,
248
+ },
249
+ };
250
+ class ECKeyBase {
251
+ constructor(keyPair) {
252
+ this.keyPair = keyPair;
253
+ }
254
+ curve() {
255
+ switch (this.keyPair.ec.curve) {
256
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
257
+ case elliptic.curves.secp256k1.curve:
258
+ return 'secp256k1';
259
+ // eslint-disable-next-line @typescript-eslint/no-explicit-any
260
+ case elliptic.curves.p256.curve:
261
+ return 'p256';
262
+ default:
263
+ throw new InvalidCurveError('unknown curve');
264
+ }
265
+ }
266
+ }
267
+ /**
268
+ * @description Provide signing logic for elliptic curve based key (tz2, tz3)
269
+ */
270
+ class ECKey extends ECKeyBase {
271
+ /**
272
+ *
273
+ * @param key Encoded private key
274
+ * @param decrypt Decrypt function
275
+ * @throws {@link InvalidKeyError}
276
+ */
277
+ constructor(key, decrypt) {
278
+ const [keyData, prefix] = b58DecodeAndCheckPrefix(key, [
279
+ PrefixV2.Secp256k1EncryptedSecretKey,
280
+ PrefixV2.P256EncryptedSecretKey,
281
+ PrefixV2.Secp256k1SecretKey,
282
+ PrefixV2.P256SecretKey,
283
+ ]);
284
+ const [decKey, curve] = (() => {
285
+ switch (prefix) {
286
+ case PrefixV2.Secp256k1EncryptedSecretKey:
287
+ case PrefixV2.P256EncryptedSecretKey:
288
+ if (decrypt === undefined) {
289
+ throw new Error('decryption function is not provided');
290
+ }
291
+ else {
292
+ return [
293
+ decrypt(keyData),
294
+ prefix === PrefixV2.Secp256k1EncryptedSecretKey ? 'secp256k1' : 'p256',
295
+ ];
296
+ }
297
+ case PrefixV2.Secp256k1SecretKey:
298
+ return [keyData, 'secp256k1'];
299
+ default:
300
+ return [keyData, 'p256'];
301
+ }
302
+ })();
303
+ super(new elliptic.ec(curve).keyFromPrivate(decKey));
304
+ }
305
+ /**
306
+ *
307
+ * @param bytes Bytes to sign
308
+ * @param bytesHash Blake2b hash of the bytes to sign
309
+ */
310
+ sign(bytes) {
311
+ const hash$1 = hash(bytes, 32);
312
+ const sig = this.keyPair.sign(hash$1, { canonical: true });
313
+ const signature = new Uint8Array(64);
314
+ const r = sig.r.toArray();
315
+ const s = sig.s.toArray();
316
+ signature.set(r, 32 - r.length);
317
+ signature.set(s, 64 - s.length);
318
+ return {
319
+ rawSignature: signature,
320
+ sig: b58Encode(signature, PrefixV2.GenericSignature),
321
+ prefixSig: b58Encode(signature, pref[this.curve()].sig),
322
+ };
323
+ }
324
+ /**
325
+ * @returns Encoded public key
326
+ */
327
+ publicKey() {
328
+ return new ECPublicKey(this.keyPair.ec.keyFromPublic(this.keyPair));
329
+ }
330
+ /**
331
+ * @returns Encoded private key
332
+ */
333
+ secretKey() {
334
+ return b58Encode(new Uint8Array(this.keyPair.getPrivate().toArray()), pref[this.curve()].sk);
335
+ }
336
+ }
337
+ function isKeyPair(src) {
338
+ return src instanceof KeyPair;
339
+ }
340
+ class ECPublicKey extends ECKeyBase {
341
+ constructor(src, curve) {
342
+ const key = (() => {
343
+ if (isKeyPair(src)) {
344
+ return src;
345
+ }
346
+ else {
347
+ const [key, crv] = (() => {
348
+ if (typeof src === 'string') {
349
+ const [key, pre] = b58DecodeAndCheckPrefix(src, [
350
+ PrefixV2.Secp256k1PublicKey,
351
+ PrefixV2.P256PublicKey,
352
+ ]);
353
+ return [key, pre === PrefixV2.Secp256k1PublicKey ? 'secp256k1' : 'p256'];
354
+ }
355
+ else if (curve !== undefined) {
356
+ return [src, curve];
357
+ }
358
+ else {
359
+ throw new InvalidCurveError('missing curve type');
360
+ }
361
+ })();
362
+ return new elliptic.ec(crv).keyFromPublic(key);
363
+ }
364
+ })();
365
+ super(key);
366
+ }
367
+ compare(other) {
368
+ if (other instanceof ECPublicKey) {
369
+ if (this.curve() === other.curve()) {
370
+ const compress = this.curve() === 'secp256k1';
371
+ return compareArrays(this.bytes(compress), other.bytes(compress));
372
+ }
373
+ else if (this.curve() === 'secp256k1') {
374
+ return -1;
375
+ }
376
+ else {
377
+ return 1;
378
+ }
379
+ }
380
+ else {
381
+ throw new InvalidPublicKeyError('ECDSA key expected');
382
+ }
383
+ }
384
+ hash() {
385
+ const key = this.bytes();
386
+ return b58Encode(hash(key, 20), pref[this.curve()].pkh);
387
+ }
388
+ bytes(compress = true) {
389
+ return new Uint8Array(this.keyPair.getPublic(compress, 'array'));
390
+ }
391
+ toProtocol() {
392
+ const key = this.bytes();
393
+ const res = new Uint8Array(key.length + 1);
394
+ res[0] = pref[this.curve()].tag;
395
+ res.set(key, 1);
396
+ return res;
397
+ }
398
+ toString() {
399
+ const key = this.bytes();
400
+ return b58Encode(key, pref[this.curve()].pk);
401
+ }
402
+ }
403
+
404
+ function parseHex(s) {
405
+ const res = [];
406
+ for (let i = 0; i < s.length; i += 2) {
407
+ const ss = s.slice(i, i + 2);
408
+ const x = parseInt(ss, 16);
409
+ if (Number.isNaN(x)) {
410
+ throw new InvalidHexStringError(ss);
411
+ }
412
+ res.push(x);
413
+ }
414
+ return new Uint8Array(res);
415
+ }
416
+
309
417
  /* eslint-disable @typescript-eslint/no-this-alias */
310
418
  const seedKey = {
311
419
  p256: 'Nist256p1 seed',
@@ -553,16 +661,16 @@ const generateSecretKey = (seed, derivationPath, curve) => {
553
661
  switch (curve) {
554
662
  case 'ed25519': {
555
663
  node = PrivateKey.fromSeed(seed).derivePath(path);
556
- const sk = b58cencode(node.seed().slice(0, 32), prefix.edsk2);
664
+ const sk = b58Encode(node.seed().slice(0, 32), PrefixV2.Ed25519Seed);
557
665
  return sk;
558
666
  }
559
667
  case 'secp256k1':
560
668
  case 'p256': {
561
- const prefixType = curve === 'secp256k1' ? prefix.spsk : prefix.p2sk;
669
+ const prefixType = curve === 'secp256k1' ? PrefixV2.Secp256k1SecretKey : PrefixV2.P256SecretKey;
562
670
  let privKey = PrivateKey$1.fromSeed(seed, curve);
563
671
  privKey = privKey.derivePath(path);
564
672
  const uint8arr = new Uint8Array(privKey.keyPair.getPrivate().toArray());
565
- const sk = b58cencode(uint8arr, prefixType);
673
+ const sk = b58Encode(uint8arr, prefixType);
566
674
  return sk;
567
675
  }
568
676
  case 'bip25519': {
@@ -574,6 +682,96 @@ const generateSecretKey = (seed, derivationPath, curve) => {
574
682
  }
575
683
  };
576
684
 
685
+ function isPOP(k) {
686
+ return 'provePossession' in k;
687
+ }
688
+
689
+ var _BLSKey_key, _BLSKey_publicKey, _BLSPublicKey_key;
690
+ const bls = bls12_381.longSignatures; // AKA MinPK
691
+ class BLSKey {
692
+ constructor(key, decrypt) {
693
+ _BLSKey_key.set(this, void 0);
694
+ _BLSKey_publicKey.set(this, void 0);
695
+ const tmp = b58DecodeAndCheckPrefix(key, [
696
+ PrefixV2.BLS12_381EncryptedSecretKey,
697
+ PrefixV2.BLS12_381SecretKey,
698
+ ]);
699
+ let [keyData] = tmp;
700
+ const [, prefix] = tmp;
701
+ if (prefix === PrefixV2.BLS12_381EncryptedSecretKey) {
702
+ if (decrypt !== undefined) {
703
+ keyData = decrypt(keyData);
704
+ }
705
+ else {
706
+ throw new Error('decryption function is not provided');
707
+ }
708
+ }
709
+ __classPrivateFieldSet(this, _BLSKey_key, keyData, "f");
710
+ __classPrivateFieldSet(this, _BLSKey_publicKey, bls.getPublicKey(this.sk()).toBytes(), "f");
711
+ }
712
+ sk() {
713
+ return new Uint8Array(__classPrivateFieldGet(this, _BLSKey_key, "f")).reverse();
714
+ }
715
+ signDst(message, dst) {
716
+ const point = bls.hash(message, dst);
717
+ const sig = bls.sign(point, this.sk()).toBytes();
718
+ return {
719
+ rawSignature: sig,
720
+ sig: b58Encode(sig, PrefixV2.GenericSignature),
721
+ prefixSig: b58Encode(sig, PrefixV2.BLS12_381Signature),
722
+ };
723
+ }
724
+ sign(message) {
725
+ return this.signDst(message, BLS12_381_DST);
726
+ }
727
+ provePossession() {
728
+ return this.signDst(__classPrivateFieldGet(this, _BLSKey_publicKey, "f"), POP_DST);
729
+ }
730
+ publicKey() {
731
+ return new BLSPublicKey(__classPrivateFieldGet(this, _BLSKey_publicKey, "f"));
732
+ }
733
+ secretKey() {
734
+ return b58Encode(__classPrivateFieldGet(this, _BLSKey_key, "f"), PrefixV2.BLS12_381SecretKey);
735
+ }
736
+ }
737
+ _BLSKey_key = new WeakMap(), _BLSKey_publicKey = new WeakMap();
738
+ class BLSPublicKey {
739
+ constructor(src) {
740
+ _BLSPublicKey_key.set(this, void 0);
741
+ if (typeof src === 'string') {
742
+ const [key, _] = b58DecodeAndCheckPrefix(src, [PrefixV2.BLS12_381PublicKey]);
743
+ __classPrivateFieldSet(this, _BLSPublicKey_key, key, "f");
744
+ }
745
+ else {
746
+ __classPrivateFieldSet(this, _BLSPublicKey_key, src, "f");
747
+ }
748
+ }
749
+ compare(other) {
750
+ if (other instanceof BLSPublicKey) {
751
+ return compareArrays(this.bytes(), other.bytes());
752
+ }
753
+ else {
754
+ throw new InvalidPublicKeyError('BLS key expected');
755
+ }
756
+ }
757
+ hash() {
758
+ return b58Encode(hash(__classPrivateFieldGet(this, _BLSPublicKey_key, "f"), 20), PrefixV2.BLS12_381PublicKeyHash);
759
+ }
760
+ bytes() {
761
+ return __classPrivateFieldGet(this, _BLSPublicKey_key, "f");
762
+ }
763
+ toProtocol() {
764
+ const res = new Uint8Array(__classPrivateFieldGet(this, _BLSPublicKey_key, "f").length + 1);
765
+ res[0] = 3;
766
+ res.set(__classPrivateFieldGet(this, _BLSPublicKey_key, "f"), 1);
767
+ return res;
768
+ }
769
+ toString() {
770
+ return b58Encode(__classPrivateFieldGet(this, _BLSPublicKey_key, "f"), PrefixV2.BLS12_381PublicKey);
771
+ }
772
+ }
773
+ _BLSPublicKey_key = new WeakMap();
774
+
577
775
  /**
578
776
  *
579
777
  * @description Import a key to sign operation with the side-effect of setting the Tezos instance to use the InMemorySigner provider
@@ -615,10 +813,11 @@ function importKey(toolkit, privateKeyOrEmail, passphrase, mnemonic, secret) {
615
813
 
616
814
  // IMPORTANT: THIS FILE IS AUTO GENERATED! DO NOT MANUALLY EDIT OR CHECKIN!
617
815
  const VERSION = {
618
- "commitHash": "7af2138a9e5c5b230c4b4c726f35c2f2e67b721c",
619
- "version": "23.0.0-beta.0"
816
+ "commitHash": "9065acc1b41ec205a49e64b54ef89f50bafa6210",
817
+ "version": "23.0.0"
620
818
  };
621
819
 
820
+ var _InMemorySigner_key;
622
821
  /**
623
822
  * @description A local implementation of the signer. Will represent a Tezos account and be able to produce signature in its behalf
624
823
  *
@@ -631,7 +830,7 @@ class InMemorySigner {
631
830
  throw new InvalidMnemonicError(mnemonic);
632
831
  }
633
832
  const seed = Bip39.mnemonicToSeedSync(mnemonic, `${email}${password}`);
634
- const key = b58cencode(seed.slice(0, 32), prefix.edsk2);
833
+ const key = b58Encode(seed.subarray(0, 32), PrefixV2.Ed25519Seed);
635
834
  return new InMemorySigner(key);
636
835
  }
637
836
  static fromSecretKey(key, passphrase) {
@@ -667,34 +866,63 @@ class InMemorySigner {
667
866
  *
668
867
  */
669
868
  constructor(key, passphrase) {
670
- const encrypted = key.substring(2, 3) === 'e';
671
- let decrypt = (k) => k;
869
+ _InMemorySigner_key.set(this, void 0);
870
+ const keyPrefixes = [
871
+ PrefixV2.Ed25519EncryptedSeed,
872
+ PrefixV2.Ed25519Seed,
873
+ PrefixV2.Ed25519SecretKey,
874
+ PrefixV2.Secp256k1EncryptedSecretKey,
875
+ PrefixV2.Secp256k1SecretKey,
876
+ PrefixV2.P256EncryptedSecretKey,
877
+ PrefixV2.P256SecretKey,
878
+ PrefixV2.BLS12_381EncryptedSecretKey,
879
+ PrefixV2.BLS12_381SecretKey,
880
+ ];
881
+ const pre = (() => {
882
+ try {
883
+ const [, pre] = b58DecodeAndCheckPrefix(key, keyPrefixes);
884
+ return pre;
885
+ }
886
+ catch (_a) {
887
+ throw new InvalidKeyError(`Invalid private key, expecting one of the following prefixes '${keyPrefixes}'.`);
888
+ }
889
+ })();
890
+ const encrypted = pre === PrefixV2.Ed25519EncryptedSeed ||
891
+ pre === PrefixV2.Secp256k1EncryptedSecretKey ||
892
+ pre === PrefixV2.P256EncryptedSecretKey ||
893
+ pre === PrefixV2.BLS12_381EncryptedSecretKey;
894
+ let decrypt;
672
895
  if (encrypted) {
673
896
  if (!passphrase) {
674
897
  throw new InvalidPassphraseError('No passphrase provided to decrypt encrypted key');
675
898
  }
676
- decrypt = (constructedKey) => {
677
- const salt = toBuffer(constructedKey.slice(0, 8));
678
- const encryptedSk = constructedKey.slice(8);
899
+ decrypt = (data) => {
900
+ const salt = toBuffer(data.slice(0, 8));
901
+ const encryptedSk = data.slice(8);
679
902
  const encryptionKey = pbkdf2.pbkdf2Sync(passphrase, salt, 32768, 32, 'sha512');
680
- return openSecretBox(new Uint8Array(encryptionKey), new Uint8Array(24), new Uint8Array(encryptedSk));
903
+ const res = openSecretBox(new Uint8Array(encryptionKey), new Uint8Array(24), new Uint8Array(encryptedSk));
904
+ if (!res) {
905
+ throw new Error("can't decrypt secret key");
906
+ }
907
+ return res;
681
908
  };
682
909
  }
683
- switch (key.substring(0, 4)) {
684
- case 'edes':
685
- case 'edsk':
686
- this._key = new Tz1(key, encrypted, decrypt);
910
+ switch (pre) {
911
+ case PrefixV2.Ed25519EncryptedSeed:
912
+ case PrefixV2.Ed25519Seed:
913
+ case PrefixV2.Ed25519SecretKey:
914
+ __classPrivateFieldSet(this, _InMemorySigner_key, new EdKey(key, decrypt), "f");
687
915
  break;
688
- case 'spsk':
689
- case 'spes':
690
- this._key = new Tz2(key, encrypted, decrypt);
916
+ case PrefixV2.Secp256k1EncryptedSecretKey:
917
+ case PrefixV2.Secp256k1SecretKey:
918
+ case PrefixV2.P256EncryptedSecretKey:
919
+ case PrefixV2.P256SecretKey:
920
+ __classPrivateFieldSet(this, _InMemorySigner_key, new ECKey(key, decrypt), "f");
691
921
  break;
692
- case 'p2sk':
693
- case 'p2es':
694
- this._key = new Tz3(key, encrypted, decrypt);
922
+ case PrefixV2.BLS12_381EncryptedSecretKey:
923
+ case PrefixV2.BLS12_381SecretKey:
924
+ __classPrivateFieldSet(this, _InMemorySigner_key, new BLSKey(key, decrypt), "f");
695
925
  break;
696
- default:
697
- throw new InvalidKeyError(`${invalidDetail(ValidationResult.NO_PREFIX_MATCHED)} expecting one of the following '${Prefix.EDESK}', '${Prefix.EDSK}', '${Prefix.SPSK}', '${Prefix.SPESK}', '${Prefix.P2SK}' or '${Prefix.P2ESK}'.`);
698
926
  }
699
927
  }
700
928
  /**
@@ -702,41 +930,72 @@ class InMemorySigner {
702
930
  * @param bytes Bytes to sign
703
931
  * @param watermark Watermark to append to the bytes
704
932
  */
705
- sign(bytes, watermark) {
933
+ sign(message, watermark) {
706
934
  return __awaiter(this, void 0, void 0, function* () {
707
- let bb = hex2buf(bytes);
708
- if (typeof watermark !== 'undefined') {
709
- bb = mergebuf(watermark, bb);
935
+ const msg = typeof message == 'string' ? hex2buf(message) : message;
936
+ const watermarkMsg = watermark !== undefined ? mergebuf(watermark, msg) : msg;
937
+ const { rawSignature, sig: signature, prefixSig: prefixedSignature, } = yield __classPrivateFieldGet(this, _InMemorySigner_key, "f").sign(watermarkMsg);
938
+ return {
939
+ bytes: buf2hex(msg),
940
+ sig: signature,
941
+ prefixSig: prefixedSignature,
942
+ sbytes: buf2hex(mergebuf(msg,
943
+ // bls only Signature_prefix ff03 ref:https://octez.tezos.com/docs/shell/p2p_api.html#signature-prefix-tag-255 & https://octez.tezos.com/docs/shell/p2p_api.html#bls-prefix-tag-3
944
+ isPOP(__classPrivateFieldGet(this, _InMemorySigner_key, "f")) ? mergebuf(new Uint8Array([255, 3]), rawSignature) : rawSignature)),
945
+ };
946
+ });
947
+ }
948
+ provePossession() {
949
+ return __awaiter(this, void 0, void 0, function* () {
950
+ if (isPOP(__classPrivateFieldGet(this, _InMemorySigner_key, "f"))) {
951
+ return __classPrivateFieldGet(this, _InMemorySigner_key, "f").provePossession();
952
+ }
953
+ else {
954
+ throw new ProhibitedActionError('Only BLS keys can prove possession');
710
955
  }
711
- const bytesHash = hash(bb, 32);
712
- return this._key.sign(bytes, bytesHash);
713
956
  });
714
957
  }
958
+ get canProvePossession() {
959
+ return isPOP(__classPrivateFieldGet(this, _InMemorySigner_key, "f"));
960
+ }
715
961
  /**
716
962
  * @returns Encoded public key
717
963
  */
718
964
  publicKey() {
719
- return __awaiter(this, void 0, void 0, function* () {
720
- return this._key.publicKey();
721
- });
965
+ return Promise.resolve(String(__classPrivateFieldGet(this, _InMemorySigner_key, "f").publicKey()));
722
966
  }
723
967
  /**
724
968
  * @returns Encoded public key hash
725
969
  */
726
970
  publicKeyHash() {
727
- return __awaiter(this, void 0, void 0, function* () {
728
- return this._key.publicKeyHash();
729
- });
971
+ return Promise.resolve(__classPrivateFieldGet(this, _InMemorySigner_key, "f").publicKey().hash());
730
972
  }
731
973
  /**
732
974
  * @returns Encoded private key
733
975
  */
734
976
  secretKey() {
735
- return __awaiter(this, void 0, void 0, function* () {
736
- return this._key.secretKey();
737
- });
977
+ return Promise.resolve(__classPrivateFieldGet(this, _InMemorySigner_key, "f").secretKey());
978
+ }
979
+ }
980
+ _InMemorySigner_key = new WeakMap();
981
+ function publicKeyFromString(src) {
982
+ const [keyData, pre] = b58DecodeAndCheckPrefix(src, [
983
+ PrefixV2.Ed25519PublicKey,
984
+ PrefixV2.Secp256k1PublicKey,
985
+ PrefixV2.P256PublicKey,
986
+ PrefixV2.BLS12_381PublicKey,
987
+ ]);
988
+ switch (pre) {
989
+ case PrefixV2.Ed25519PublicKey:
990
+ return new EdPublicKey(keyData);
991
+ case PrefixV2.Secp256k1PublicKey:
992
+ return new ECPublicKey(keyData, 'secp256k1');
993
+ case PrefixV2.P256PublicKey:
994
+ return new ECPublicKey(keyData, 'p256');
995
+ case PrefixV2.BLS12_381PublicKey:
996
+ return new BLSPublicKey(keyData);
738
997
  }
739
998
  }
740
999
 
741
- export { ecdsa as ECDSA, ed25519 as Ed25519, Hard, InMemorySigner, InvalidPassphraseError, Path, VERSION, generateSecretKey, importKey };
1000
+ export { ecdsa as ECDSA, ed25519 as Ed25519, Hard, InMemorySigner, InvalidPassphraseError, Path, VERSION, generateSecretKey, importKey, publicKeyFromString };
742
1001
  //# sourceMappingURL=taquito-signer.es6.js.map